Privacy policy

Last updated: 12 March 2026

1. Who We Are

The Sea Cleared My Eczema™ ("we", "us", or "our") operates the website www.healedbythesea.com and sells natural skincare products directly to consumers in the United Kingdom. We act as the data controller for all personal information collected through our website and services.

2. What Personal Data We Collect

2.1 Data You Provide to Us

  • Full name and delivery address
  • Email address and phone number
  • Payment information (processed securely via Shopify Payments — we do not store card details)
  • Order history and product preferences
  • Messages or enquiries submitted through our contact form

2.2 Data Collected Automatically

  • IP address and approximate location (country/region level)
  • Browser type, device type, and operating system
  • Pages visited, time spent on site, and referring URLs
  • Cookie identifiers (see Section 7 for full details)
  • Interactions with our advertisements on platforms such as Meta (Facebook/Instagram)

3. How We Use Your Personal Data

3.1 To Process Your Orders (Contractual Necessity)

  • Process and fulfil your purchases
  • Send order confirmations, shipping updates, and delivery notifications
  • Handle returns, refunds, and customer service requests

3.2 To Improve Our Service (Legitimate Interests)

  • Analyse website traffic and user behaviour to improve our store experience
  • Understand how customers discover our products (e.g. via ads or search)
  • Prevent fraud and ensure the security of our platform

3.3 Marketing (Consent)

  • Send promotional emails, offers, and product news — only if you have opted in
  • Show you relevant advertising on Meta platforms (Facebook/Instagram) — only with your cookie consent
  • You may withdraw your marketing consent at any time by clicking "Unsubscribe" in any email or contacting us directly

3.4 Legal Obligations

  • Retain transaction records to comply with UK tax and accounting requirements
  • Respond to lawful requests from regulatory authorities

4. Advertising & Meta Pixel

We use the Meta Pixel (also known as the Facebook Pixel) on our website. This is a small piece of code that, with your consent, helps us:

  • Measure the effectiveness of our Facebook and Instagram advertisements
  • Show you relevant ads on Meta platforms based on your website visit
  • Build audiences of people who have visited our site to improve our ad targeting

The Meta Pixel only activates after you have given your explicit consent via our cookie consent banner. You can withdraw this consent at any time by revisiting your cookie preferences.

Meta acts as a separate data controller for the data collected through their platform. For more information, please see Meta's Data Policy at facebook.com/privacy/policy.

5. Who We Share Your Data With

We do not sell your personal data. We share it only with trusted third-party service providers who help us operate our business:

  • Shopify Inc. — our e-commerce platform
  • Shopify Payments — payment processing (PCI-DSS compliant)
  • SpeedFulfill — order fulfilment and logistics
  • Meta Platforms Inc. — advertising (only with your cookie consent)
  • Google Analytics — website analytics (only with your cookie consent)

All third-party processors are contractually required to handle your data securely and only as instructed by us.

6. Your Rights Under UK GDPR

As a UK resident, you have the following rights regarding your personal data:

  • Right of Access — request a copy of the data we hold about you
  • Right to Rectification — ask us to correct inaccurate or incomplete data
  • Right to Erasure — request deletion of your data ("right to be forgotten")
  • Right to Restriction — ask us to limit how we use your data
  • Right to Data Portability — receive your data in a structured, machine-readable format
  • Right to Object — object to our use of your data for direct marketing or legitimate interests
  • Right to Withdraw Consent — withdraw any consent you have given at any time

To exercise any of these rights, please contact us at privacy@healedbythesea.com. We will respond within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk.

7. Cookies & Tracking Technologies

7.1 Types of Cookies We Use

  • Strictly Necessary Cookies — required for the website to function (e.g. your shopping cart). These do not require your consent.
  • Analytics Cookies — help us understand how visitors use our site. Only activated with your consent.
  • Marketing Cookies — used to show you relevant ads on platforms like Meta. Only activated with your consent.
  • Preference Cookies — remember your settings and preferences. Only activated with your consent.

7.2 Managing Your Cookie Preferences

When you first visit our website, you will be shown a cookie consent banner. You can choose to accept or decline non-essential cookies. You can update your preferences at any time by clicking "Cookie Settings" in the footer of our website.

8. How Long We Keep Your Data

  • Order and transaction records: 7 years (UK legal requirement for financial records)
  • Customer account information: for the duration of your account, plus 2 years after last activity
  • Marketing email lists: until you unsubscribe or withdraw consent
  • Analytics data: 26 months
  • Cookie consent records: 1 year

9. Data Security

We use industry-standard security measures including:

  • SSL/TLS encryption for all data transmitted via our website
  • Secure payment processing via PCI-DSS compliant providers
  • Access controls limiting who within our team can access customer data

In the unlikely event of a data breach affecting your rights and freedoms, we will notify you and the ICO within 72 hours as required by UK GDPR.

10. Children's Privacy

Our website and products are not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with their data, please contact us and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. When we make significant changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email.

For independent advice about data protection and privacy, you can contact the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

The Sea Cleared My Eczema™ — Natural Skincare for Sensitive Skin